Description: A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
Mitigation: Don't configure Chainsaw to read serialized log events. Use a different receiver, such as XMLSocketReceiver Credit: This issue was reported by @kingkk